PHAD: Packet header anomaly detection

PHAD basically works only over the attacks which are based on the Transport, Network and Data link Layer protocols i.e. Ethernet, IP, TCP, UDP, and ICMP protocols. The most important purpose of intrusion detection system is to detect attacks against information systems. It is a security method attempting to identify various attacks. In this paper we discussed PHAD (Packet Header Anomaly detection) as anomaly based statistical algorithms.

[1]  Kapil Keshao Wankhade,et al.  An efficient approach for Intrusion Detection using data mining methods , 2013, 2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[2]  M. Hemalatha,et al.  Handling Intrusion Detection System using Snort Based Statistical Algorithm and Semi-supervised Approach , 2013 .

[3]  Philip K. Chan,et al.  PHAD: packet header anomaly detection for identifying hostile network traffic , 2001 .

[4]  Lilly Suriani Affendey,et al.  Intrusion detection using data mining techniques , 2010, 2010 International Conference on Information Retrieval & Knowledge Management (CAMP).

[5]  Divya Surender Lakra HSNORT: A Hybrid Intrusion Detection System using , 2013 .

[6]  Vinod Kumar,et al.  Signature Based Intrusion Detection System Using SNORT , 2012 .

[7]  Liu Kai A Hybrid Intrusion Detection System , 2012 .

[8]  Hong Huang,et al.  Network Traffic Anomaly Detection , 2014, ArXiv.

[9]  Kai Li,et al.  Research on the intrusion detection technology with hybrid model , 2010, 2010 The 2nd Conference on Environmental Science and Information Application Technology.

[10]  A. Halim Zaim,et al.  A hybrid intrusion detection system design for computer network security , 2009, Comput. Electr. Eng..

[11]  M. Hemalatha,et al.  Effective approach toward Intrusion Detection System using data mining techniques , 2014 .

[12]  Matthew V. Mahoney,et al.  Network traffic anomaly detection based on packet bytes , 2003, SAC '03.